Links

Share project

bWAPP is an "extremely buggy wep app" intended for researching and
discovering common security issues. It deliberately covers over 100
vulnerabilities ranging from SQL injection, to XSS, CGI exploits, SSL
tampering, remote code execution, RFI, SSRF, CORS, buffer overflows; and
replicates many high-profile exploits of other applications (Drupal,
Wordpress). It's implemented in PHP, but of course only meant to be run
in a sandbox or with its bee-box VM exposing further server process
vulnerabilities.